From: Boris Ostrovsky
To: xen-devel@lists.xenproject.org, linux-kernel@vger.kernel.org
Cc: jgross@suse.com, JBeulich@suse.com, Boris Ostrovsky
Subject: [PATCH v4 1/2] xen/PVH: Set up GS segment for stack canary
Date: Mon, 21 May 2018 23:54:44 -0400
Message-Id: <20180522035445.16911-2-boris.ostrovsky@oracle.com>
In-Reply-To: <20180522035445.16911-1-boris.ostrovsky@oracle.com>
References: <20180522035445.16911-1-boris.ostrovsky@oracle.com>

We are making calls to C code (e.g. xen_prepare_pvh()) which may use stack canary (stored in GS segment).

Signed-off-by: Boris Ostrovsky
--- arch/x86/xen/xen-pvh.S | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/arch/x86/xen/xen-pvh.S b/arch/x86/xen/xen-pvh.S index e1a5fbe..0169374 100644 --- a/arch/x86/xen/xen-pvh.S +++ b/arch/x86/xen/xen-pvh.S
@@ -54,6 +54,9 @@ * charge of setting up it's own stack, GDT and IDT. */ +#define PVH_GDT_ENTRY_CANARY 4 +#define PVH_CANARY_SEL (PVH_GDT_ENTRY_CANARY * 8) + ENTRY(pvh_start_xen) cld @@ -98,6 +101,12 @@ ENTRY(pvh_start_xen) /* 64-bit entry point. */ .code64 1: + /* Set base address in stack canary descriptor. */ + mov $MSR_GS_BASE,%ecx + mov $canary, %rax + cdq + wrmsr + call xen_prepare_pvh /* startup_64 expects boot_params in %rsi. */ @@ -107,6 +116,17 @@ ENTRY(pvh_start_xen) #else /* CONFIG_X86_64 */ + /* Set base address in stack canary descriptor. */ + movl $_pa(gdt_start),%eax + movl $_pa(canary),%ecx + movw %cx, (PVH_GDT_ENTRY_CANARY * 8) + 2(%eax) + shrl $16, %ecx + movb %cl, (PVH_GDT_ENTRY_CANARY * 8) + 4(%eax) + movb %ch, (PVH_GDT_ENTRY_CANARY * 8) + 7(%eax) + + mov $PVH_CANARY_SEL,%eax + mov %eax,%gs + call mk_early_pgtbl_32 mov $_pa(initial_page_table), %eax @@ -150,9 +170,13 @@ gdt_start: .quad GDT_ENTRY(0xc09a, 0, 0xfffff) /* __KERNEL_CS */ #endif .quad GDT_ENTRY(0xc092, 0, 0xfffff) /* __KERNEL_DS */ + .quad GDT_ENTRY(0x4090, 0, 0x18) /* PVH_CANARY_SEL */ gdt_end: - .balign 4 + .balign 16 +canary: + .fill 48, 1, 0 + early_stack: .fill 256, 1, 0 early_stack_end: -- 2.9.3
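Review bot: PVH_GDT_ENTRY_CANARY is hard-coded to 4 in the first hunk (@@ -54), and nothing ties that index to where the new `.quad GDT_ENTRY(0x4090, 0, 0x18)` line actually sits in gdt_start. If an entry is later added or removed above it, the selector will silently reference the wrong descriptor. Please add a comment next to the define stating that it must match the table order, or derive the index from a label placed on the descriptor itself.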
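Review bot: In the 64-bit hunk (@@ -98), `cdq` fills %edx with the sign of %eax instead of the upper half of %rax, so the value written to MSR_GS_BASE is only right when bits 63:32 of `canary` equal the sign extension of bit 31. That is an unstated assumption; either load %edx explicitly from the upper half of %rax or add a comment saying why sign extension is correct here. This path also uses the link-time address `$canary` while the 32-bit path uses `$_pa(canary)`, so please state which address is intended. Finally, the comment "Set base address in stack canary descriptor" does not describe this path, which writes an MSR and touches no descriptor.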
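Review bot: The 32-bit hunk (@@ -107) patches the descriptor base using bare offsets (+2, +4, +7) and spells out `(PVH_GDT_ENTRY_CANARY * 8)` three times although PVH_CANARY_SEL is defined as exactly that value. Use PVH_CANARY_SEL in the addressing expressions and add a short comment naming the fields being written (base 15:0, base 23:16, base 31:24) so the stores can be checked against the descriptor layout at a glance.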
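Review bot: The last hunk (@@ -150) introduces two unexplained sizes that do not match each other: the descriptor limit is 0x18 while the `canary` area is `.fill 48, 1, 0`. Please add a comment relating each number to the canary offset the compiler uses from %gs on 32-bit and on 64-bit builds, so a reader can confirm the limit covers the 32-bit access and the 48 bytes cover the 64-bit one. It is also worth saying in the comment or the commit message that the area is zero-filled on purpose, meaning the canary checked by this early code is a constant zero, and that `.balign 16` replaces `.balign 4` for the data that follows gdt_end.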